Hackers Now Bypassing Two-factor Authentication – Here Is How To Secure Your Account

Two-factor authentication (also known as 2FA) is the most trusted method of securing your accounts by combining two different components. These components may be something that the user knows, something that the user possesses or something that is inseparable from the user – usually in form of a code sent to user’s phone for verification – before log in.

2factornewsimage

However, some wise hackers and account hijackers are strategizing different means to find ways around the Two-factor authentication – the most trusted means of securing any account online.


DONT MISS==>  How To Hide Photos On Samsung Galaxy A7

Earlier this week, Alex MacCaw, cofounder of data API Company Clearbit, shared a screenshot of a text attempting to trick its way past the 2FA on one Google account.

Here’s is the trick and how it works:

  • The attacker sends the target a text message, pretending to be the very company that the target has an account with.
  • They say they have detected “suspicious” activity to the account, and so are sending the 2FA code to the target, which they should then text back to them to avoid having their account locked.
  • The victim, worried they are being hacked and not wanting to lose access to their data, sends the code back, believing they have thwarted the attempted hack.
  • But in doing so, they actually give the hacker the one thing they needed to break into the account.
  • The hacker enters the victim’s password, followed by this ill-gotten 2FA code, and they’re in.
DONT MISS==>  4 Ways to make your Android phone run faster

The attacker can sometimes even spoof their identity – so the text looks like it comes from Google, or Facebook, or Apple, rather than an unknown number.

Although, the hijacker still needs the victim’s password to get all this done. But there are a number of ways they could get hold of it. Often they look at data dumps from old hacks for emails/usernames and passwords that they then try on other sites, because so many people reuse passwords across multiple accounts and platforms.

DONT MISS==>  How To Upgrade Infinix Hot 2 (Android One) To Android 6.0 Marshmallow

Huge databases of tens of millions of email addresses and passwords have been floating around in the last few weeks – notably from LinkedIn and MySpace. So if you reuse passwords, your login details may be being shared online right now without you realising.

Two-factor authentication hacker

The text message that Alex MacCaw shared on Twitter is above. To stay safe, use a strong, unique password for every account you have – managing them all with a password manager if necessary – and don’t text your two-factor authentication codes to anyone, even if they appear legitimate.

Got any tech-related questions to ask? Feel free to ask in the comments section or you could also head over to ask.techlector.com for quick and prompt replies.

Never Miss An Update; Like Our Facebook Page Or Follow Us On Twitter. You Can As Well Subscribe To Our YouTube Channel To Get 1st Hand Information.

Subscribe Now With Your Email To Receive Free Updates!!!

LEAVE A REPLY

Please enter your comment!
Please enter your name here